NETCONF serverΒΆ

As explained in the introduction, Virtual Service Router provides a NETCONF API that is used by NETCONF clients to configure and monitor the router remotely.

At startup, if the NETCONF server is not configured, it listens on all interfaces (IPv4 and IPv6 addresses) on port 830 of the main VRF.

The VRF, IP address and port on which the NETCONF server listens can be configured. This replaces the default configuration.

Here is an example of configuration that will start the NETCONF server in the mgmt VRF on addresses 192.168.0.5, port 8030 and fec0::dcad:cafe:ae01:203, port 830:

vsr running config# vrf mgmt netconf-server
vsr running netconf-server# enabled true
vsr running netconf-server# address 192.168.0.5 port 8030
vsr running netconf-server# address fec0::dcad:cafe:ae01:203
vsr running netconf-server# commit
Configuration applied.

To display the NETCONF server state:

vsr running config# show state vrf mgmt netconf-server
netconf-server
    enabled true
    address 192.168.0.5 port 8030
    address fec0::dcad:cafe:ae01:203 port 830
    ..

The same configuration can be made using this NETCONF XML configuration:

vsr running config# show config xml absolute vrf main netconf-server
<config xmlns="urn:6wind:vrouter">
  <vrf>
    <name>mgmt</name>
    <netconf-server xmlns="urn:6wind:vrouter/netconf-server">
      <enabled>true</enabled>
      <address>
        <ip>192.168.0.5</ip>
        <port>8030</port>
      </address>
      <address>
        <ip>fec0::dcad:cafe:ae01:203</ip>
        <port>830</port>
      </address>
    </netconf-server>
  </vrf>
</config>

Here is an example of configuration that will delete the previous configuration and reestablish the default behavior (listen on all interfaces on port 830):

vsr running config# del vrf mgmt netconf-server
vsr running config# vrf main netconf-server
vsr running netconf-server# enabled true
vsr running netconf-server# commit
Configuration applied.

Here is an example of configuration that will stop the NETCONF server:

vsr running config# vrf main netconf-server
vsr running netconf-server# enabled false
vsr running netconf-server# commit
Configuration applied.

Attention

If you disable the NETCONF server, any remote operation via NETCONF will be made impossible. If you have not disabled it into the startup configuration, a reboot will restore the default configuration.

If you have explicitly disabled the NETCONF server in your startup configuration, remote NETCONF operation will not be enabled on boot. SSH remote access is not related to this and remains available unless you also disabled it.

See also

The command reference for details.